Fixed #2629 -- Added a permission_required decorator to

django.contrib.auth.decorator. Thanks, dummy@habmalnefrage.de.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3779 bcc190cf-cafb-0310-a4f2-bffc1f526a37

django/contrib/auth/decorators.py

@@ -26,3 +26,11 @@ login_required.__doc__ = (
     to the log-in page if necessary.
     """
     )
+
+def permission_required(perm, login_url=LOGIN_URL):
+    """
+    Decorator for views that checks if a user has a particular permission
+    enabled, redirectiing to the log-in page if necessary.
+    """
+    return user_passes_test(lambda u: u.has_perm(perm), login_url=login_url)
+

docs/authentication.txt

@@ -456,6 +456,10 @@ As a shortcut, you can use the convenient ``user_passes_test`` decorator::
         # ...
     my_view = user_passes_test(lambda u: u.has_perm('polls.can_vote'))(my_view)
 
+We are using this particular test as a relatively simple example, however be
+aware that if you just want to test if a permission is available to a user,
+you can use the ``permission_required()`` decorator described below.
+
 Here's the same thing, using Python 2.4's decorator syntax::
 
     from django.contrib.auth.decorators import user_passes_test
@@ -488,6 +492,24 @@ Example in Python 2.4 syntax::
     def my_view(request):
         # ...
 
+The permission_required decorator
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Since checking whether a user has a particular permission available to them is a
+relatively common operation, Django provides a shortcut for that particular
+case: the ``permission_required()`` decorator. Using this decorator, the
+earlier example can be written as::
+
+    from django.contrib.auth.decorators import permission_required
+     
+    def my_view(request):
+        # ...
+     
+    my_view = permission_required('polls.can_vote')(my_view)
+
+Note that ``permission_required()`` also takes an optional ``login_url``
+parameter.
+
 Limiting access to generic views
 --------------------------------